Posted by Hemos on Friday May 14, 1999 @09:08AM from the what-about-contacts? dept.

prevost writes "Three bank machines using retina-scans were turned on in Texas yesterday. Cool because it's harder for me to lose my eyes than my ATM card. Scary because eyes're harder to replace after you're mugged. Read more about it "

I'd think there'd almost _have_ to be an alternative system available - there are, after all, people without eyes, or at least without usable ones. And given the legal climate in the USA, if they implement a system that isn't usable by everyone from one-armed acromegalic albinos to quadriplegic spastic achondroplastic dwarves, they're likely to get sued for "violating" someone's "civil rights".

There's no such thing! ATM stands for Automated Teller Machine. An ATM machine would be an Automated Teller Machine Machine, which does not make sense... and don't go telling me how you use your "PIN Number" either...

I don't think people will be stealing eyeballs. More likely people will be setting up fake temporary ATMs, with iris scanners, and when someone tries to withdraw money it will scan their iris but refuse to give them money claiming an error. This has been done before with regular ATM cash machines to capture PIN numbers (whilst 'swallowing' the cards).

The thieves can then go to a regular cash machine, pull out the camera, crocodile-clip the camera nodes to a lap-top, and play the scanned sequence back direct to the internal reader. They can then withdraw as much cash as they want.

Now here is the real problem with biometrics. With the fake regular ATMs, the banks and police can put out a warning and those that realise they have been duped can quickly cancel their cards and get new ones sent to them. So how exactly can someone do this with an eye pattern that will remain with them for life?

bioauthentication still has one flaw. consistency. regardless of how many "characteristics" there are, they all still boil down to 0s and 1s. to circumvent this kind of security, you will just need to be able to produce a standard, expected response in a predetermined format. this could be done on the front end (the retinal scanner) or on the wire on the other side of the scanner. i do not wish to say that a gauntlet has been dropped, but it is something to think about.

>What we need, and which may well happen within a few years, is a system like this for the desktop.

One magazine (PC Magazine?) did a review of thumb and voiceprint scanners. The best price/performance device, and one that they weren't able to circumvent via trickery, was the U.are.U fingerprint scanner, a ~$100 USB device. I'd love to have one, so simple even a small child can use it.

Banks already track your ATM movements using your ATM card and PIN. This doesn't make one iota of difference as far as the banks knowing where you are (or were). Chill out...

The only possible "privacy" concern I can think of is having an image of your iris available to your bank, which is personally something I could care less about, but some of the more paranoid on slashdot have loudly pointed this out.

Banks don't routinely give out things like your PIN, do they? I dunno, in MY bank, nobody even has access to that information. There ARE secure ways of storing things like this.

It's also quite possible that a PIN will still be required to make a withdrawal. (Though I suppose if they've found some way to get at ultra-secure information like your iris image from the bank, they could get your PIN too, but I've never in my life heard of a single case where a PIN was retrieved from a bank...)

Hrm, the problem there is that an ATM can know (to some level of trustworthiness) that the data it's getting really is from an eye scanner. If the data's coming off the net, who knows - it might be coming off a hard disk, grabbed from a sniffer, or anywhere.... If your password gets compromised, you can change it.... how do you change your eyes?

There's a funny thing about retina scans: In mid-1980sh, it was discovered that AIDS virus does transfer with eye fluids. It was discovered when some major biometrics conference was under way. No one at the conference agreed to test retina scanner, and that was the death of retina scanners.

won't work. Neither will a color copy of your face. From what I remember about these systems (Gotta love the Discovery channel) they won't work if the eye is no longer attached to the user. The systems check to ensure that the eye is still "alive". (Small changes/fluctuations in the iris)

If someone mugs you and pokes out your eye the ATM will not authenticate it (the eye) because these changes will no longer occur. A picture won't work for the same reason.

The only way you can be mugged is either after you got the money out. Or having the mugger make you take out the cash at gun point at the cash machine. So nothing has really changed with the exception of not having to remember a card and a pin number.

As a side note, how do these things work with people who wear contacts sometimes and glasses other times. Would they not be able to wear contacts while using the ATM because it would mess up the iris scan? Anyone who knows something about this would be helpful, I don't want to look forward to a life where I have to take out my contacts every time I want to get money.

1) The thing requires the eye to be alive. Won't work with a gouged out eye anyway.

2) In comment to the guy talking about now someone will wait until you scan your eye and then shoot you or some such nonsense, WHERE ARE YOU LIVING? That happens all the time anyway.

This is so much more secure than an ATM card... the biggest valid problem I've heard with it was the fact that a parent doesn't have the option of telling their kid "go get me $40" or having a friend do it.

These, BTW, aren't anything new, it's just the non-testing installation of it that's new. There've been a bunch of banks around the country doing it for a year or so on a testing basis, or at least so I remember reading last year.

I seem to recall reading last year that the visual range the scanners use is not the human-visible range, which is what miniaturized monitors display in.

I think they're into the near infrared, so that the image remains contrasty with people whose eye color changes, etc...

Either way, I'd guess if you had a way to get a hires animated image of someone's eye, and fool the machine (which has to be looking for other facial items to even locate the eye -- you don't stick them in front of the camera with these), you're probably clever enough to steal the money from the bank in less easily-catchable ways than stealing from an ATM.

You do know that ATM machines photograph every transaction right? You're gonna look pretty silly holding the display over one of your eyes and hoping it'll work.

Everyone who's worried about getting mugged for their eyeballs -- do you have any idea how unlikely this is? Here's a breakdown:

The mugger must knock you out and steal your wallet. This risk is already present.

The mugger must not immediately leave the scene of the crime, even though he's already got whatever cash and credit cards you were carrying.

The mugger must now use his scalpel, forceps, grapefruit spoon, melon baller, or whatever else he's got handy to remove your eyeball from the socket and sever the optic nerve and muscles that hold it in place, all without puncturing the eyeball in the process (which would probably result in an unusable iris due to the influx of blood).

You must not wake up during any of this.

Because of the $300-per-day limit your bank undoubtedly has on ATM withdrawals, the mugger must now appear on security video at multiple ATM locations over several days holding a severed eyeball, or the whole endeavor is only mildly profitable given the risk. Additionally, the eyeball must maintain its appearance for quite some time with no hydration or blood supply. Formaldehyde may help here; I don't know.

Conclusion: scalpel gangs are not going to rule the streets anytime soon. I'd be more worried about the reliability of the hardware, and the fact that while you can change a PIN, you can't easily change your iris pattern.

Well voice control (like opening programs and such) has been around for a long time - since '92 IIRC. It predates the Power Macs, I'm certain of that. However it's not _that_ good, trust me. (Fortunately it rarely screws up as wildly as the Newton sometimes did. 'Course, the Newt had some degree of learning, and PlainTalk does not.) Eat up Martha.

Think about it - you've just eliminated the current ideal of compartmentalizing your proofs of identity (e.g. passwords, accounts, etc.) by having them all use a single key. Namely your eyeball, which will, sooner or later, not be all that useful once someone figures out how to spoof the scanner.

I can't imagine why anyone would even _think_ about having one's finger pricked for a drop of blood should be good enough for determining identity anyway.

That must be one of the most insecure ways of identification, except for the From field in e-mail messages or news articles.

If you believe that DNA is good enough to identify you, and at the same time think it is scary that virtually anybody can pick up the scraps of your own body you leave behind to _track_ you down, I'm really, really surprised that you can't connect the two to:

The same virtually anybodies can take those scraps of skin, hair, blood remains etc from your garbage, hotel room, car, whatever _and put it somewhere else_, pretending that you were there. But of course you weren't there, just some minor parts of you somebody else stole.

You don't have to see "Conspiracy Theory" and believe in it to think that these things can happen. They can happen because someone has thought about it, and because there tend to be people who abuse every new thing they can come across. That can be your everyday psychopathical specimen, it can be a super-secret government agency (for which government?), it can be organized crime, it can be a prankster, it could be an accident.

So don't go around trusting DNA to be of any help.

What are the alternatives, then, if you don't believe an iris or retina scan is good enough?

Well, you can apply some modern image recognition software. Today, it's possible to recognize a person from her facial features, even through physical changes such as minor injuries (swollen eye, fresh cut across the face, etc), with a precision similar to that of fingerprints (I honestly cannot remember which way is more sure, except for fingerprints having lots of "proven" technology behind it).

This makes it possible to recognize that person's most common facial expressions.

Take this one step further, into recognizing several facial expressions in succession (that is, the way your face changes).

Use cameras from several angles to make sure that it is a real person, and not some face superimposed on a dummy/robot.

Feel free to combine this with some other method that can be performed simultaneously, such as measuring iris response to varying light level, blood pressure and pulse, perhaps even the fingerprint (but that can be faked more easily).

The bonus for the customer is that this would take less energy and time than remembering a PIN code and punching it in, and/or leaning towards a scanner to measure the exact retina, but would still be at least as secure.

The downer is that this technology has yet to be actually implemented, tested and "proven" in a real user environment, and that it'll probably be a bit expensive for the next five years or so, until technology catches up and becomes really cheap.

This doesn't prevent someone from threatening you or your family to force you to withdraw money, buy a Corvette or whatever, but what does? Maybe sometime in the future, we can actually determine for sure whether someone is under pressure for doing things, and that she shouldn't be doing it. I somehow doubt that, but we'll hopefully live to see.

Being someone who is confined to a wheelchair, I am curious as to where the camera is located. I assume that they are positioned for a standing person of average height, which would be impossible for me to get to.

I hope that they are providing an alternate way of identifying yourself. Like the old-fashioned ATM card with a PIN.

I doubt most people would want to subject themselves to a retina scan given the current state of the art. It requires the scanner to come into direct contact with the eye.

Actually, no.

I had a retinal photo the other day as part of my latest eye exam. The lens does get close-in, but it didn't touch my eye. It does shine a very bright linear light in, and the camera rotates from one side to the other (like a panoramic camera).

The afterimage of the light had very clear tracery of the retinal blood vessels in it.

In a way, we have this already. Have you ever used a pre-paid phone card? You pop your money in, you get a card worth whatever you paid (typical amounts: $5, $10, $20) with an ID number on it.

There's no way to associate that card with you because the PIN (really an account number) is set when the card is printed, long before you walk up to the machine. Ran out? Get another!

A similar system is the DC metro, where you put money into a machine and get a paper card with a mag-strip on it. When you go through the gate you pop the card into a slot; at the other side you get a new card with the amount left printed on it. When you don't have enough left to go through a gate, you can pop the card into a farecard machine and add money; the value of the old card is added to what you put in and you get a new card.

I think a hybrid of these would work. You'd have a machine like an ATM, run by Your Favorite Credit Card Company. You put money in, give it a PIN for cash withdrawals and it spits out a card with a magstripe. Then you take this to a merchant and they run it through just like a Visa card.

The merchant knows they'll get their money because it's run by Visa (or whoever). You have your privacy.

Everyone seems to be pointing this out. Can't imagine why. Anyway, I doubt most people would want to subject themselves to a retina scan given the current state of the art. It requires the scanner to come into direct contact with the eye. Not exactly my idea of a good time.

The person who sent in this link makes an excellent point... I wouldn't want to be mugged for my eyes. That's why I find it stupid to only have a single form of authentication. A PIN number or some other code should be used as well, to make eyes less attractive to would-be thieves.

An Iris is pretty huge. From what I can tell from the article, that the eyes are not very close to the scanner and must have a fair amount of variation in closeness to the camera.

I am sure that there are plenty of pretty high resolution photographs that show details of people's irises. For example, people on magazine covers. How difficult would it be to laser print one on an elastomer sheet, and distort the iris sections mechanically to simulate pupil contraction. A photocell here, a solenoid there, a bit of circuitry, and boom, a photosensitive facial facsimile.

Sure magazine could use photoshop or such to replace irises in pictures before publication, but what about the thousands of pictures already out there.

Irises are just too 'out-there' in plain sight. It's like walking around with your pin number tattooed on your face. Anyone with a telephoto camera could steal it.

Who's to say some criminal won't just sit by the ATM, and when you go to withdraw, he pulls a gun off-camera, and tells you to give him the $300 you just withdrew?

I mean, all we've done here is make the crime all the more violent and personal, with the added bonus of throwing your privacy out the window. I *like* anonymity. I don't care that there's a %0.01 chance that somebody might guess my pin and rip me off - that's what insurance is for. All I'm seeing is a bunch of greedy companies trying to keep the criminal element out... by compromising our privacy and anonymity.

Using biometrics on your desktop for securing network access is tempting but it is also very dangerous - there must be a secure path from the reader to the verifier. In the case of an ATM it is physically secured inside the ATM strongbox. On a network it would have to be a combination of cryptographic authentication and a tamper-resistant reader (no such thing as tamperproof).

Without this it would be ridiculously easy to sniff your iris/finger/hand/face/voice print over the network and impersonate you.

The embedded cryptographic engine inside the tamper resistant reader would use a challenge-response algorithm to ensure that:

1. The scan comes from a real scanner
2. The scan has been performed in the last few seconds.

Using biometrics on your desktop for securing network logins is tempting but it is also very dangerous - there must be a secure path from the reader to the verifier. In the case of an ATM it is physically secured inside the ATM strongbox. On a network it would have to be a combination of cryptographic authentication and a tamper-resistant reader (no such thing as tamperproof).

Without this it would be ridiculously easy to sniff your iris/finger/hand/face/voice print over the network and impersonate you.

The embedded cryptographic engine inside the tamper resistant reader would use a challenge-response algorithm to enable the server to ensure that:

1. The scan comes from a real scanner
2. The scan has been performed in the last few seconds.
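The challenge-response the comment above describes, as an added example that is not part of the original thread: the server issues a single-use nonce, the reader returns the scan with a keyed tag over nonce and scan, and the server rejects replayed, stale or unkeyed responses. HMAC-SHA256, the 5-second window, the per-reader key provisioning and all names (`Reader`, `Verifier`, `reader-01`) are assumptions made for illustration.

```python
"""Reader-to-verifier challenge-response for a biometric scan (added example)."""
import hashlib
import hmac
import os

FRESHNESS_WINDOW_S = 5.0  # assumption: "the last few seconds" taken as 5 s


def transcript(reader_id: str, nonce: bytes, scan: bytes) -> bytes:
    """Length-prefix every field so field boundaries cannot be shifted."""
    parts = (reader_id.encode(), nonce, scan)
    return b"".join(len(p).to_bytes(4, "big") + p for p in parts)


class Reader:
    """Stands in for the tamper-resistant reader; the key never leaves it."""

    def __init__(self, reader_id: str, device_key: bytes):
        self.reader_id = reader_id
        self._key = device_key

    def respond(self, nonce: bytes, scan: bytes) -> dict:
        # A real reader would capture the scan only after receiving the nonce.
        tag = hmac.new(self._key, transcript(self.reader_id, nonce, scan),
                       hashlib.sha256).digest()
        return {"reader_id": self.reader_id, "nonce": nonce,
                "scan": scan, "tag": tag}


class Verifier:
    """Server side: issues single-use nonces and checks the reader's tag."""

    def __init__(self, reader_keys: dict, clock):
        self._keys = reader_keys      # reader_id -> provisioned device key
        self._clock = clock           # callable returning seconds
        self._pending = {}            # nonce -> time it was issued

    def challenge(self) -> bytes:
        nonce = os.urandom(16)
        self._pending[nonce] = self._clock()
        return nonce

    def verify(self, msg: dict) -> str:
        issued = self._pending.pop(msg["nonce"], None)  # single use
        if issued is None:
            return "reject: unknown or reused nonce"
        if self._clock() - issued > FRESHNESS_WINDOW_S:
            return "reject: stale response"
        key = self._keys.get(msg["reader_id"])
        if key is None:
            return "reject: unknown reader"
        expected = hmac.new(
            key, transcript(msg["reader_id"], msg["nonce"], msg["scan"]),
            hashlib.sha256).digest()
        if not hmac.compare_digest(expected, msg["tag"]):
            return "reject: bad tag"
        # Scan is authentic and fresh; template matching would follow here.
        return "accept"


class FakeClock:
    """Controllable clock so the stale case runs without sleeping."""

    def __init__(self):
        self.now = 0.0

    def __call__(self) -> float:
        return self.now


def run_scenarios() -> dict:
    clock = FakeClock()
    key = os.urandom(32)
    reader = Reader("reader-01", key)
    verifier = Verifier({"reader-01": key}, clock)
    scan = b"constructed-iris-template-bytes"  # constructed sample data
    results = {}

    genuine = reader.respond(verifier.challenge(), scan)
    results["genuine"] = verifier.verify(genuine)
    # The same captured message sent again: its nonce was already consumed.
    results["replayed"] = verifier.verify(genuine)

    # A sniffed scan submitted by a device that lacks the reader's key.
    unkeyed = Reader("reader-01", os.urandom(32))
    results["no_device_key"] = verifier.verify(
        unkeyed.respond(verifier.challenge(), scan))

    # A response that arrives after the freshness window has closed.
    nonce = verifier.challenge()
    clock.now += 10
    results["stale"] = verifier.verify(reader.respond(nonce, scan))
    return results


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(f"{name:14s} {outcome}")
```

The tag only stops a captured scan from being accepted again; the scan bytes still cross the network in the clear here, so keeping them from a sniffer needs an encrypted channel as well.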

First off this sounds very insecure. i work on computers 24/7 and i don't trust any computer outside my reach. I think they should implement a more secure method.

My idea would be more like, when applying for the account they have a randomly generated 4096byte key generated, this would be used to unlock your account when it needs to be accessed to withdraw from an ATM or elsewhere. Then they could use your iris as the encrypting key using something like RSA's RC5-64, or something better.

That way when you go to get some money from the ATM machine it just uses your IRIS to decrypt the key to unlock your account. no need to store your iris, except in your head:).

It just seems more secure that way, cause if someone did break into the banks computers, then they would be trying to decrypt keys for a long time, you will probably be dead and have passed your money on in your will before it gets cracked.

Sounds like it might be fairly trivial to get somebody's retina scan - Don't know anything about it but the article sounded like you just stand there - does one have to put their eye up to something like looking into a microscope to be verified?

The inventor of this technology assures us that photographs of irises will not be distributed outside of the bank. But as we know, accidents (and outright negligence, and occasional criminal behavior) do happen.

It's easy to replace a stolen ATM card, and maybe even to get your ATM number changed. But what if your iris image gets stolen?? Once that cat is out of the bag, how can the bank ever trust your eyes again, and how can you ever prove that it wasn't you who withdrew $700 in Jamaica?

At the very least, they should incorporate a PIN number with this, to ensure that fraud doesn't occur. Even if they have your eyes, they can't get your money without a PIN. In my mind this would be the best solution all around: no card to lose, your eyes become immensely less valuable for a mugger, and if your iris photo is stolen, it only increases their chances of stealing your money to one in ten thousand. I'm not saying iris checking with PIN is crimeproof, but iris checking with no PIN is a rotten idea.

Is that true? You need to put your eye against the scanner? I would NEVER put my cornea up against anything else that other people may have touched in any fashion. The cornea (clear part over your iris) does not receive direct blood flow, thus it is more difficult to fight off infections which could be picked up from direct contact with the scanner.

Some years ago (3 or 4 years), I was shown a tour of a highly secured U.S. Air Force base. There was some talk about some of the security measures. I never observed this particular one, but to enter certain areas, one had to stand in a small phone booth size compartment (so only one person could enter) and then would have to submit to a retinal scan before the person would be allowed through.

It was discovered, using these devices, that a woman's retina changes slightly during a pregnancy. I guess more than a few times the poor trapped woman trying to get into the secured area would set off the alarm and immediately be surrounded by armed security guards. Supposedly, this was how some women first learned they were pregnant.

I wonder if this is true for modern retinal scanners? Either that or your money is safe if your wife is pregnant.

No need to worry, even evil twin brothers have different fingerprints. Fingerprints are influenced by your development in the womb rather than your genetics. (Warning this information was retrieved from an unreliable source, my memory).

But what about those novelty contacts? You know cat slits, biohazard symbols and alike that completely obscure the iris. But as long as it can handle the full eye chrome set I'm looking at I will be happy.

So you have a larger central light source that brightens and dims randomly. You have a series of LEDs around its border. These LEDs turn on one at a time in a random fashion. The combination of these two random events, coupled with your iris's response to them should provide a pretty compelling security arrangement. But I don't think that this is sufficient. It would be nice to have a brainwave recognition complement to the iris ID. When you are getting your iris scan, you think of something in particular and don't tell anyone. So your iris pattern is recognized in conjunction with how your eye responds to what you are thinking of, combined with the particular pattern of your brainwaves upon thinking of this something. Even if everyone thought of Sex with the same person in the same position in the same setting, etc., everyone would think of it in different ways, would have different brainwave patterns, and different iris reactions. It'd be interesting to see a spoof that circumvented this.

And good riddance, if you ask me. When you see things like this working in science fiction it assumes a totally secure system, which we all know cannot be built. I would much rather see advances in smart-cards and e-cash, something that retains the anonymity of paper money (anyone read Shadowrun?). If this doesn't get shot down, 10 years from now you won't have any cards, you'll just get your eye scanned everywhere. That gives crackers way more power, because once the system is breached your whole identity can be stolen. If someone steals your drivers license, you can get a new one and invalidate the old. If someone replaces your iris scan with their own, how do you prove you were ever you? Besides which, are PIN's really that insecure? The people who get their accounts raided are the ones SMRT enough to write it on the card, or use 1111. Do we really need to give away all our privacy to protect morons from themselves?

I'm curious as to how crooks/con artists are going to try and bypass this kind of security. Maybe we'll see a black market pop up for glass eyes that are replicas of legitimate bank customers' eyes. :-)

Seems to me that all one must do is get a high resolution photograph of someone else's irises and print these out to the approx. real size onto contact lenses. There's many methods by which this could be done.

I've even seen some movies in which spies were portrayed using such a method to defeat iris security. So it's certainly not a new idea, but one most people wouldn't think of.

Wonder how they will prevent people from bypassing IRIS security via this method?? I bet they really can't unless they also still require a PIN...but then what's the point of the whole IRIS scanning thing if one still needs a PIN anyways?? DUMB!!

Yes, but the difference is that I can give my ATM card to my wife, or my kids to use and then there is no way for the banks to know who actually used the ATM card. With iris scanning, there is no doubt that it was you and you alone that made the transaction.

A way to prevent that? How about a video camera, like is already installed on most ATMs. I'm sure that it would seem suspicious if you were caught on film holding someone's head up to the eyeball scanner.

Good points, all... so what is the likelihood of a nationwide (or worldwide) retina database that business owners can access for a fee? Gov't sponsored registration of all US citizens at birth (or at full retinal development age).

There could be a lock system, implemented at Customs, so that upon entry to the US, you pass through, show your visa, and scan your peepers; this "logs you in" to America and lets you buy things legally--life becomes much more difficult for illegal immigrants.

Sure, you'll have business owners who won't subscribe-- they'll put "cash only" signs in their windows, or an eye in a slashed red circle, and get a reputation for being 'swarthy' and 'unreliable' places; the media could portray them as such, and make a bigger deal out of robberies. To combat this backlash and show that a business has implemented eyeball-based payment, they could put a small picture of an eye on their door or window.

Now, I'm sure the NSA and FBI would love that--tap the machines that read from the database and flag the locations of known criminals. The eyeball could stand for that well-worn phrase about Big Brother's voyeuristic habits.

we've got to stick our eye up against some camera, while we have a really bright light shone directly into it so that it can check our iris

that's how a retina scan would be; iris scans just use a regular video image of the front of your eye, so really you're only limited to the quality of the image that a video camera can produce at distance. i think that current systems can recognize you at a distance of a foot or so.

My question would be what about people with Hazel eyes? My eyes change from dark brown to bright green. The iris also expands/contracts to let more/less light in depending on the lighting in the area.

well, those are really advantages to the technology. provided the software is good enough, it should be able to take account of those factors and use them to confirm whether it's really you when you step up to that atm.

all implementations of iris scanning [that i've seen so far] have an initial training or enrollment procedure where you have to stare into the camera for a minute or so and allow it to record some data about your iris. notice that it doesn't just take a single static snapshot; in principle it could record information like how your pupil responds to variations in ambient light, how the color varies over time, and so on.

I find this hard to believe that this is iris scanning. It probably scans the back of the retina

nope. iris scanning is proving to be far more practical than retinal scanning these days. cheaper equipment, if nothing else, and less invasive (at least conceptually; everyone can already see your iris).

assuming for argument's sake that a display could ever produce an image that was sharp and high-res enough to fool the camera, it still wouldn't work against systems that tested for a live eyeball.

if the system was looking for pupillatory oscillations it wouldn't find them, unless you were playing high-resolution video of a real eyeball. if it was generating different light levels and observing the response of the iris, the static / prerecorded video image wouldn't be up to par.

and if you were smart enough to develop an interactive, real-time, high-resolution, realistic computer-generated iris image that can behave just like a real eye and respond instantaneously to external stimuli, why the fuck would you waste your time trying to get fifty bucks out of an ATM?

The iris pattern is processed and encoded into an IrisCode, which is stored in a database and used for recognition in any transaction when a live iris is presented for comparison. Eyeglasses and contact lenses are accommodated easily.

of course, this is specific to that company's implementation of iris recognition, but i suspect that it's all in the method. if you can algorithmically process an image of an iris into a representation that matches even after optical distortion, then you're set.

one of the cool things about iris scan technology is that it (can be configured so that it) rejects 'fake' id material like a photograph of an iris, some kind of model of an eye, or even a dead guy's eyeball.

the human pupil naturally oscillates and responds to changes in light level; a particularly secure iris recognition system could make use of this by, for example, providing a variable light source over the course of a few seconds to ensure that the iris is 'live' and not somehow simulated.

this is similar to the capabilities of that desktop face-recognition software that was going around a couple years ago - you could put it in a mode where it asked you to blink or smile or something during the recognition process. a bit less convenient but a bit more secure.

What's MORE frightening is that five years from now everyone will be getting email chain letters that talk about some guy who goes to a party, gets a drink, and wakes up in a bathtub full of ice without his eyeballs.

An "easy" way around this little problem is to use RF signals. As anyone knows, electronic devices such as ATMs use electronic control signals. Transmitting on the correct frequency will cause the eye-scanner to "think" that it is receiving scan pictures - actually, they will be radio signals interfering with its operation. SECOND WAY to do this is as follows.... YOU ***ALL*** SHOULD BY NOW know those new projectors which use lasers to project pictures into your eye instead of using a real screen? Well, just use one of those to project an iris scan onto the screen. 3. Hack into the back computer and add your own scan in place of someone else's (best use someone else's iris - in case you get caught...:-). 4. I will NEVER let any bank store my IRIS scan unless ***THEY*** sign a contract to say who sees it (this will include not divulging it to the US government or the police). Furthermore, I would demand to be allowed to attempt to hack in to the computer to see how secure it is. At this point I would expect to be told where to go, so you can see that I won't be having an IRIS controlled bank account anytime soon....:-)

It's funny that the article mentions James Bond and says how this technology is like out of those movies. Well does any one remember that James Bond movie (I forget the name) when the bad guys remove someone's eye and surgically place into someone else's socket to unlock the iris reading lock? I would think that today's medicine is not too far from being able to do this (if not already). Not that you'd do this to get money from ATM but if this technology becomes pervasive for other more important things...

"In response to questions about privacy concerns, Bank United said the iris pictures will not be distributed to anyone outside the bank."

Call me backwards, but I don't buy it. Reading Hackernews [hackernews.com] on a daily basis makes me suspicious about statements like this. I wonder how hard it would be to make a 'replica eye' or some such. I think I'll stick to my ATM for now, thanks.

I believe that very small very high-rez displays are already available (to be used behind a magnifying glass in e.g. PDAs and cell phones). Make appropriate software to drive it and you'll probably (IMHO, I'm not even close to an expert) fool at least some of the iris scanning systems.

The standard problem with the biometric systems: what happens if your body changes? What if I got conjunctivitis (eye inflammation)? Or something happened to my brow and I have to have my eye bandaged? Or I developed a temporary light sensitivity and have to wear a patch today? What about colored contact lenses?

The idea is good, but I'd like to have an alternative system available as well.

What about contact lenses, especially the colored ones that cover up the iris? Will the blind, or those with otherwise funky eyes, have some alternate way to get cash from these machines? (I didn't see anything on the page about this.)

If these things were cheap, they'd make sweet peripherals. No chance of people finding out your password when all passwords are replaced by eye scans.

Everybody has been talking about the possibilities of getting one's eyeballs ripped out of their face... Well, regardless of whether or not that would work (and it seems it wouldn't), I see an even greater danger than that! Kidnapping! Plain and simple!

Here is the scenario I am imagining...

You're walking somewhere, not suspecting anything bad.

A stranger comes next to you, tells you he has a gun, to be real quiet. Maybe he's holding you with a smile on his face, you know - like two friends or something.

Walks to an ATM, tells you to look at the machine.

Withdraws cash.

Either kills you, or just runs.

Think about it! At least with a card or a PIN, if you don't carry the card with you, there is nothing the criminal can do. And if you do carry it with you (I suspect most of us do), at least you have the option not to give the PIN, or give a wrong PIN, or something! With the eye thing, you can't leave your eyes home, and you can't lie. Seems like a criminal's perfect situation.

The number of passwords that a busy Net user (like me) has to remember is getting silly. I have a system for passwords which works most of the time, but I'd much rather get rid of the silly things.

What we need, and which may well happen within a few years, is a system like this for the desktop. It might work something like this: you'd run an iris scan server on each machine on the network. When authentication is required, the remote host connects to your iris scan server, which gets the little camera mounted on your monitor to ID you using your iris pattern and send the data back just like a password.

Just the other week I happened to be looking through the Sept. 1997 "Proceedings of the IEEE", which was a special issue on Automated Biometric Systems.

They mention that it is possible to tell whether the eye is alive or not:

Another interesting aspect of the iris from a biometric point of view has to do with its moment-to-moment dynamics. Due to the complex interplay of the iris' muscles, the diameter of the pupil is in a constant state of small oscillation. Potentially, this movement could be monitored to make sure that a live specimen is being evaluated. Further, since the iris reacts very quickly to changes in impinging illumination (e.g., on the order of hundreds of milliseconds for contraction), monitoring the reaction to a controlled illuminant could provide similar evidence. In contrast, upon morbidity, the iris contracts and hardens, facts that may have ramifications for its use in forensics.

This article even mentions Never Say Never Again as a way iris recognition came to popular attention. My guess is that people who have worked on iris recognition are familiar with its use in movies and books and have tried to overcome potential deficiencies that have been suggested there.

So if these guys did their homework you won't have to worry about being mugged for your eyes.
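The two liveness cues named in the quoted IEEE passage (small resting oscillation of the pupil, and contraction within hundreds of milliseconds of a controlled light change), sketched as an added example that is not from the article or from the comment above. The thresholds, function name and both sample traces are constructed assumptions for illustration.

```python
from statistics import pstdev

# Assumed thresholds for illustration only; a real sensor needs calibrated values.
MIN_REST_STDEV_MM = 0.02     # resting pupil diameter must show some oscillation
MIN_CONTRACTION_FRAC = 0.10  # pupil must shrink by at least 10% after the flash
MAX_LATENCY_S = 0.6          # "hundreds of milliseconds" in the quoted passage

def liveness_check(samples, flash_time):
    """samples: list of (t_seconds, pupil_diameter_mm) from the camera.
    flash_time: moment the controlled illuminant was switched on.
    Returns (is_live, reasons_for_rejection)."""
    before = [d for t, d in samples if t < flash_time]
    after = [(t, d) for t, d in samples if t >= flash_time]
    if len(before) < 5 or not after:
        return False, ["not enough samples"]
    reasons = []
    # Cue 1: a live pupil is never perfectly still at rest.
    if pstdev(before) < MIN_REST_STDEV_MM:
        reasons.append("no resting oscillation")
    # Cue 2: a live pupil contracts quickly when the light comes on.
    baseline = sum(before) / len(before)
    target = baseline * (1 - MIN_CONTRACTION_FRAC)
    latency = next((t - flash_time for t, d in after if d <= target), None)
    if latency is None:
        reasons.append("no contraction")
    elif latency > MAX_LATENCY_S:
        reasons.append("contraction too slow")
    return not reasons, reasons

def trace(diameters, hz=10):
    """Turn a list of diameters into (time, diameter) pairs sampled at hz."""
    return [(i / hz, d) for i, d in enumerate(diameters)]

# Constructed sample data: a live eye, then a static image held to the camera.
LIVE_EYE = trace([4.05, 3.95, 4.04, 3.96, 4.05, 3.95, 4.03, 3.97, 4.04, 3.96,
                  4.00, 3.95, 3.80, 3.50, 3.20, 3.10])
STATIC_IMAGE = trace([4.0] * 16)

if __name__ == "__main__":
    print("live eye:    ", liveness_check(LIVE_EYE, flash_time=1.0))
    print("static image:", liveness_check(STATIC_IMAGE, flash_time=1.0))
```
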

At least it tracked just a computer around the Internet. This tracks you! Not an employee who checked out the company laptop after you or your brother who borrowed it. Also, this is like having one user id and password for all your accounts. When someone figures out how to spoof it, look out. Melissa is a warning about monoculture systems. Bio-diversity and techno-diversity make for more robust systems.

Iris scanning for ATMs aims at solving a symptom (reliable access to cash) to a problem (cash itself).

What we need is a reliable anonymous electronic payment system. I think Mondex is close to this (although I don't know too much about it myself). Something where you can charge an electronic card up with cash units from your credit card in the comfort of your own home would give you:

1/ Greater security, since you're not getting a large quantity of cash at an obvious crime target (static ATM).

2/ You don't need to carry so much anonymous money, since you can recharge at your leisure.

Differentiating between anonymous money and verified money is important. Verified money (with a good verification system) is difficult to steal (a signature on a credit card slip is verified but it's not a good system). Anonymous money is necessary for your privacy, but is more attractive to criminals. The conversion point where you exchange verified -> anonymous money carries the greatest security risk and the sooner it is removed from public places the better.

An iris scan, not a retina scan, so for this to work, we've got to stick our eye up against some camera, while we have a really bright light shone directly into it so that it can check our iris?

Sounds to me like that would hurt, a lot. Don't mind me, I'm just light sensitive.

Then again, what about people that have cataracts? Are they not going to be able to use those ATMs or are they still going to have to carry around a card and remember a PIN? Dear me, what's the next step to get around this, DNA scanners? Sounds like Gattaca now *shiver*

Course to use a DNA scanner we'd be needing some source of DNA... they would probably want blood. There is no way that I'm walking up to a machine to get my finger pricked just so I can take money out. I'd rather carry a card and remember a PIN.

Is this technology based on any open standards like Interac? If several banks start implementing iris scanners, will people be able to use a different brand of bank machine? And if so - doesn't that make the whole thing even more insecure? ;)